This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/JXRwLyORpbcFfOkjraKAN1359es.roa File: JXRwLyORpbcFfOkjraKAN1359es.roa (raw, json) Hash identifier: mZE8AHoKrvk4ZHGUVFzeByWnnas5X1rVeFc8IH1Z7sw= Subject key identifier: 25:74:70:2F:23:91:A5:B7:05:7C:E9:23:AD:A2:80:37:5D:F9:F5:EB Certificate issuer: /CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8 Certificate serial: 019B456BC6CA6EA55813D26D67BF5F4BF06A Authority key identifier: 42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/JXRwLyORpbcFfOkjraKAN1359es.roa Signing time: Mon 22 Dec 2025 09:37:29 +0000 ROA not before: Mon 22 Dec 2025 09:37:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 5400 IP address blocks: 2a00:2000::/23 maxlen: 23 2a00:2080::/32 maxlen: 32 2a00:2081::/32 maxlen: 32 2a00:2082::/32 maxlen: 32 2a00:2083::/32 maxlen: 32 2a00:2084::/32 maxlen: 32 2a00:2085::/32 maxlen: 32 2a00:2086::/32 maxlen: 32 2a00:2087::/32 maxlen: 32 2a00:2088::/32 maxlen: 32 2a00:2089::/32 maxlen: 32 2a00:208a::/32 maxlen: 32 2a00:208b::/32 maxlen: 32 2a00:208c::/32 maxlen: 32 2a00:208d::/32 maxlen: 32 2a00:2090::/32 maxlen: 32 2a00:2091::/32 maxlen: 32 2a00:2092::/32 maxlen: 32 2a00:2093::/32 maxlen: 32 2a00:2094::/32 maxlen: 32 2a00:2095::/32 maxlen: 32 2a00:2096::/32 maxlen: 32 2a00:2097::/32 maxlen: 32 2a00:2200::/25 maxlen: 25 2a00:2200::/40 maxlen: 40 2a00:2200:200::/40 maxlen: 40 2a00:2200:300::/40 maxlen: 40 2a00:2200:900::/40 maxlen: 40 2a00:2200:b00::/40 maxlen: 40 2a00:2200:d00::/40 maxlen: 40 2a00:2200:2000::/40 maxlen: 40 2a00:2200:5300::/40 maxlen: 40 2a00:2280::/25 maxlen: 25 2a00:2300::/25 maxlen: 25 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.mft rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:6b:c6:ca:6e:a5:58:13:d2:6d:67:bf:5f:4b:f0:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8 Validity Not Before: Dec 22 09:37:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=2574702f2391a5b7057ce923ada280375df9f5eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:89:45:ec:ec:3b:7d:2d:bb:35:48:27:9a:a7: 9e:c3:50:7f:68:89:a0:5c:1e:92:ac:f5:ff:ed:bf: a3:e5:f5:f1:e1:e4:21:ba:74:b7:59:b7:47:9b:49: f9:d2:bb:36:c1:47:ef:2e:61:20:ed:34:6f:fb:e5: 45:dc:e6:eb:a4:30:4a:2b:f1:8e:44:90:70:a6:65: 38:c0:45:56:d6:76:53:80:5b:a7:f4:c5:1f:bf:e1: e8:de:f0:5b:17:9e:fc:f7:b9:ec:60:de:a7:89:6f: b4:e8:db:22:ac:cf:e2:1b:8a:4c:f3:00:98:38:75: 5c:29:08:78:5f:07:be:09:f7:c1:bf:53:1a:43:ad: 1d:b8:7e:f9:dd:56:5e:50:8d:27:3e:8a:14:98:68: f9:4a:69:db:90:7c:d1:b9:2d:47:47:ce:fc:1b:93: 57:45:94:e7:58:cf:8e:38:93:c4:e6:0d:77:a3:5c: eb:15:77:5b:d4:83:b0:09:6f:82:57:ef:91:be:10: 02:11:92:e7:23:cc:65:46:9c:4c:c2:7e:ba:a2:64: 50:d4:ac:06:65:6c:96:da:31:19:4f:66:2b:01:4a: 23:c7:36:cf:f8:d8:89:4b:6c:1f:98:c2:7f:3a:a4: c2:8c:69:66:8f:7f:ec:4f:3e:8f:c4:96:77:4d:a8: e4:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:74:70:2F:23:91:A5:B7:05:7C:E9:23:AD:A2:80:37:5D:F9:F5:EB X509v3 Authority Key Identifier: keyid:42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/JXRwLyORpbcFfOkjraKAN1359es.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:2000::-2a00:237f:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 2c:42:95:63:c4:53:34:4f:83:a9:94:b7:eb:1e:f2:48:e9:2d: 29:02:1d:b4:85:9c:d8:82:3e:cc:78:60:fd:a2:2a:11:05:03: d1:21:4c:4c:49:11:fb:40:2a:be:67:86:82:88:fe:14:80:a9: 91:7d:e8:a9:68:4a:a4:7e:fd:28:97:69:02:3f:35:19:76:91: cd:6c:68:bd:8c:05:77:78:be:fe:5d:31:e1:74:43:56:8d:02: 82:d7:f8:67:88:48:41:d5:d2:15:b3:9f:37:9a:7f:64:45:22: ea:cd:4a:ab:30:63:c5:3f:ef:bd:1c:b7:c1:71:d6:40:5e:0e: 59:53:2f:60:82:09:71:e7:22:ca:d8:3a:0c:6c:2c:69:8c:e5: b1:ec:76:98:a1:05:15:82:6f:bc:2e:f9:cf:6c:b1:53:b5:16: d5:5c:39:9b:04:29:11:eb:48:42:65:1c:e7:08:24:3b:8a:7d: 70:e2:d5:59:bf:13:6c:c6:ba:6f:dd:c7:2a:26:b9:72:1c:17: a9:da:59:f0:a8:f4:ef:19:60:2f:6f:ee:74:ea:c9:f1:c7:e9: eb:0d:e9:83:0d:19:b9:98:7a:58:10:cf:c1:e2:dc:27:c1:12: 57:2d:21:5c:e6:9a:06:df:15:ae:22:3e:92:78:76:7d:af:59: c5:97:79:87 -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgISAZtFa8bKbqVYE9JtZ79fS/BqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyZjFhMjRjODBmZGNhMzI5NjQ0NTczYWU2ZDYxYzlmMmUz NzRlZDgwHhcNMjUxMjIyMDkzNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNTc0NzAyZjIzOTFhNWI3MDU3Y2U5MjNhZGEyODAzNzVkZjlmNWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIlF7Ow7fS27NUgnmqeew1B/aImg XB6SrPX/7b+j5fXx4eQhunS3WbdHm0n50rs2wUfvLmEg7TRv++VF3ObrpDBKK/GO RJBwpmU4wEVW1nZTgFun9MUfv+Ho3vBbF57897nsYN6niW+06NsirM/iG4pM8wCY OHVcKQh4Xwe+CffBv1MaQ60duH753VZeUI0nPooUmGj5SmnbkHzRuS1HR878G5NX RZTnWM+OOJPE5g13o1zrFXdb1IOwCW+CV++RvhACEZLnI8xlRpxMwn66omRQ1KwG ZWyW2jEZT2YrAUojxzbP+NiJS2wfmMJ/OqTCjGlmj3/sTz6PxJZ3Tajk3QIDAQAB o4ICEjCCAg4wHQYDVR0OBBYEFCV0cC8jkaW3BXzpI62igDdd+fXrMB8GA1UdIwQY MBaAFELxokyA/coylkRXOubWHJ8uN07YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzkt NzE2OGFlMGI4Mjc4LzEvSlhSd0x5T1JwYmNGZk9ranJhS0FOMTM1OWVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzktNzE2OGFlMGI4Mjc4 LzEvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPMA0DBAUqACAD BQcqACMAMA0GCSqGSIb3DQEBCwUAA4IBAQAsQpVjxFM0T4OplLfrHvJI6S0pAh20 hZzYgj7MeGD9oioRBQPRIUxMSRH7QCq+Z4aCiP4UgKmRfeipaEqkfv0ol2kCPzUZ dpHNbGi9jAV3eL7+XTHhdENWjQKC1/hniEhB1dIVs583mn9kRSLqzUqrMGPFP++9 HLfBcdZAXg5ZUy9ggglx5yLK2DoMbCxpjOWx7HaYoQUVgm+8LvnPbLFTtRbVXDmb BCkR60hCZRznCCQ7in1w4tVZvxNsxrpv3ccqJrlyHBep2lnwqPTvGWAvb+506snx x+nrDemDDRm5mHpYEM/B4twnwRJXLSFc5poG3xWuIj6SeHZ9r1nFl3mH -----END CERTIFICATE-----Generated at Tue Dec 23 09:12:37 2025 by rpki-client